Explain Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)

Detailed Answer

Cross-Site Scripting (XSS)

XSS allows attackers to inject malicious scripts into web pages viewed by other users, stealing cookies, session tokens, or other sensitive information.

Types of XSS:

Stored XSS: Malicious script stored in database
Reflected XSS: Script reflected off web server
DOM-based XSS: Vulnerability in client-side code

Prevention in .NET Core:

Use Razor Encoding (Automatic):

@Model.UserInput  // Automatically HTML encoded

For Raw HTML (Use with Caution):

@Html.Raw(Model.TrustedContent)  // Only for trusted content

Content Security Policy:

app.Use(async (context, next) =>
{
    context.Response.Headers.Add("Content-Security-Policy", 
        "default-src 'self'; script-src 'self' 'unsafe-inline'");
    await next();
});

Anti-XSS Library:

using Microsoft.Security.Application;
string safe = Encoder.HtmlEncode(userInput);

Cross-Site Request Forgery (CSRF)

CSRF forces authenticated users to execute unwanted actions on a web application by exploiting their active session.

Prevention in .NET Core:

Anti-Forgery Tokens (Built-in):

// In Startup.cs
services.AddControllersWithViews(options =>
{
    options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
});

// In Razor view

    @Html.AntiForgeryToken()
    


// In Controller
[ValidateAntiForgeryToken]
public IActionResult SubmitForm(FormModel model)
{
    // Process form
}

For AJAX Requests:

// In _Layout.cshtml


// JavaScript
var token = document.querySelector('meta[name="csrf-token"]').content;
fetch('/api/data', {
    method: 'POST',
    headers: {
        'RequestVerificationToken': token
    }
});

SameSite Cookies:

services.ConfigureApplicationCookie(options =>
{
    options.Cookie.SameSite = SameSiteMode.Strict;
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
});

Explain Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)

Quick Answer

Detailed Answer

Related Resources